<?php
namespace app\api\controller;

use app\common\controller\Api;
use app\common\model\User;
use app\common\model\VerifyCode;
use think\Db;
use fast\Random;

/**
 * 支付密码接口
 */
class PayPassword extends Api
{
    protected $noNeedLogin = [];
    protected $noNeedRight = '*';
    
    /**
     * 设置支付密码
     *
     * @ApiMethod (POST)
     * @ApiParams (name="mobile", type="string", required=true, description="手机号")
     * @ApiParams (name="captcha", type="string", required=true, description="验证码")
     * @ApiParams (name="password", type="string", required=true, description="支付密码，6位数字")
     * @ApiParams (name="confirm_password", type="string", required=true, description="确认支付密码，6位数字")
     */
    public function setPayPassword()
    {
        $mobile = $this->request->post('mobile');
        $captcha = $this->request->post('captcha');
        $password = $this->request->post('password');
        $confirm_password = $this->request->post('confirm_password');
        
        // 参数验证
        if (!$mobile || !$captcha || !$password || !$confirm_password) {
            $this->error(__('参数不完整'));
        }
        
        // 验证手机号格式
        if (!\think\Validate::regex($mobile, "^1\d{10}$")) {
            $this->error(__('手机号格式不正确'));
        }
        
        // 验证支付密码格式（6位数字）
        if (!\think\Validate::regex($password, "^\d{6}$")) {
            $this->error(__('支付密码必须为6位数字'));
        }
        
        // 验证确认密码格式（6位数字）
        if (!\think\Validate::regex($confirm_password, "^\d{6}$")) {
            $this->error(__('确认支付密码必须为6位数字'));
        }
        
        // 验证两次密码是否一致
        if ($password !== $confirm_password) {
            $this->error(__('两次输入的密码不一致'));
        }
        
        // 验证验证码
        $verifyCodeModel = new VerifyCode();
        $verifyResult = $verifyCodeModel->verifyCode($mobile, $captcha, 'pay_password');
        
        if (!$verifyResult['code']) {
            $this->error($verifyResult['msg'] . '，请确保使用设置支付密码专用验证码');
        }
        
        // 获取当前登录用户
        $user = $this->auth->getUser();
        
        // 验证手机号是否匹配
        if ($user->mobile != $mobile) {
            $this->error(__('手机号与当前登录用户不匹配'));
        }
        
        // 生成密码盐
        $salt = Random::alnum();
        // 加密支付密码
        $encryptPassword = md5(md5($password) . $salt);
        
        // 更新用户支付密码
        $user->save([
            'pay_password' => $encryptPassword,
            'pay_password_salt' => $salt
        ]);
        
        $this->success(__('支付密码设置成功'));
    }
    
    /**
     * 验证支付密码
     *
     * @ApiMethod (POST)
     * @ApiParams (name="password", type="string", required=true, description="支付密码，6位数字")
     */
    public function verifyPayPassword()
    {
        $password = $this->request->post('password');
        
        // 参数验证
        if (!$password) {
            $this->error(__('参数不完整'));
        }
        
        // 验证支付密码格式（6位数字）
        if (!\think\Validate::regex($password, "^\d{6}$")) {
            $this->error(__('支付密码必须为6位数字'));
        }
        
        // 获取当前登录用户
        $user = $this->auth->getUser();
        
        // 检查用户是否设置了支付密码
        if (!$user->pay_password) {
            $this->error(__('您尚未设置支付密码'));
        }
        
        // 验证支付密码
        $encryptPassword = md5(md5($password) . $user->pay_password_salt);
        
        if ($encryptPassword !== $user->pay_password) {
            $this->error(__('支付密码不正确'));
        }
        
        $this->success(__('支付密码验证成功'));

    }
    
    /**
     * 重置支付密码
     *
     * @ApiMethod (POST)
     * @ApiParams (name="mobile", type="string", required=true, description="手机号")
     * @ApiParams (name="captcha", type="string", required=true, description="验证码")
     * @ApiParams (name="old_password", type="string", required=true, description="原支付密码，6位数字")
     * @ApiParams (name="password", type="string", required=true, description="新支付密码，6位数字")
     * @ApiParams (name="confirm_password", type="string", required=true, description="确认新支付密码，6位数字")
     */
    public function resetPayPassword()
    {
        $mobile = $this->request->post('mobile');
        $captcha = $this->request->post('captcha');
        $old_password = $this->request->post('old_password');
        $password = $this->request->post('password');
        $confirm_password = $this->request->post('confirm_password');
        
        // 参数验证
        if (!$mobile || !$captcha || !$old_password || !$password || !$confirm_password) {
            $this->error(__('参数不完整'));
        }
        
        // 验证手机号格式
        if (!\think\Validate::regex($mobile, "^1\d{10}$")) {
            $this->error(__('手机号格式不正确'));
        }
        
        // 验证支付密码格式（6位数字）
        if (!\think\Validate::regex($old_password, "^\d{6}$")) {
            $this->error(__('原支付密码必须为6位数字'));
        }
        
        if (!\think\Validate::regex($password, "^\d{6}$")) {
            $this->error(__('新支付密码必须为6位数字'));
        }
        
        if (!\think\Validate::regex($confirm_password, "^\d{6}$")) {
            $this->error(__('确认新支付密码必须为6位数字'));
        }
        
        // 验证新密码与确认密码是否一致
        if ($password !== $confirm_password) {
            $this->error(__('新密码与确认密码不一致'));
        }
        
        // 验证验证码
        $verifyCodeModel = new VerifyCode();
        $verifyResult = $verifyCodeModel->verifyCode($mobile, $captcha, 'reset_pay_password');
        
        if (!$verifyResult['code']) {
            $this->error($verifyResult['msg'] . '，请确保使用重置支付密码专用验证码');
        }
        
        // 查找用户
        $user = User::getByMobile($mobile);
        if (!$user) {
            $this->error(__('用户不存在'));
        }
        
        // 检查用户是否设置了支付密码
        if (!$user->pay_password) {
            $this->error(__('您尚未设置支付密码，请先设置支付密码'));
        }
        
        // 验证原支付密码
        $encryptOldPassword = md5(md5($old_password) . $user->pay_password_salt);
        if ($encryptOldPassword !== $user->pay_password) {
            $this->error(__('原支付密码不正确'));
        }
        
        // 生成密码盐
        $salt = Random::alnum();
        // 加密支付密码
        $encryptPassword = md5(md5($password) . $salt);
        
        // 更新用户支付密码
        $user->save([
            'pay_password' => $encryptPassword,
            'pay_password_salt' => $salt
        ]);
        
        $this->success(__('支付密码重置成功'));

    }
}